update README.md
This commit is contained in:
Harald Hoyer
parent
dfc067af2f
commit
6252c99850
32
README.md
32
README.md
|
|
@ -1,9 +1,20 @@
|
|||
# FedoraBook
|
||||
|
||||
WIP
|
||||
Let's put all the fancy features together, we developed in the last years:
|
||||
- Combined kernel+initramfs EFI binaries
|
||||
- Secure Boot
|
||||
- clevis with TPM2
|
||||
- LUKS2
|
||||
- dm-verity + squashfs root
|
||||
- Flatpak
|
||||
- flickerless boot
|
||||
and build a Chromebook like Fedorabook, where you can install all software via Flatpak.
|
||||
|
||||
This is WIP. Please test and report issues or comments on https://pagure.io/Fedorabook/issues
|
||||
|
||||
## Goals
|
||||
- secure boot to the login screen
|
||||
- immutable /usr and maybe /etc
|
||||
- ensured integrity to the login screen
|
||||
- encrypted volatile data
|
||||
- A/B boot switching for updates
|
||||
|
|
@ -18,8 +29,19 @@ WIP
|
|||
|
||||
## TODO
|
||||
- merge mkimage.sh and clonedisk
|
||||
- change partition UUIDs for /data
|
||||
- UUID for TPM LUKS
|
||||
- UUID for LUKS
|
||||
- UUID for unencrypted xfs
|
||||
- update mechanism
|
||||
- add proper EFI boot manager entries for A and B
|
||||
- extend efi stub for recovery boot in the old image
|
||||
- signing tools
|
||||
- firmware update
|
||||
- selinux?
|
||||
|
||||
## Known Failures
|
||||
- gnome-software: can't update firmware repo
|
||||
|
||||
## Create
|
||||
|
||||
|
|
@ -55,3 +77,11 @@ $ sudo ./mkimage.sh <IMGDIR> /dev/disk/by-path/pci-…-usb…
|
|||
- ```clonedisk <usb stick device> <harddisk device>```
|
||||
- reboot
|
||||
- remove stick
|
||||
|
||||
## Post Boot
|
||||
|
||||
### Persistent journal
|
||||
```bash
|
||||
$ sudo mkdir /var/log/journal
|
||||
```
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue